Source address security for both training and non-training packets

Patent 5727146 Issued on March 10, 1998. Estimated Expiration Date:

June 4, 2016. Estimated Expiration Date is calculated based on simple USPTO term provisions. It does not account for terminal disclaimers, term adjustments, failure to pay maintenance fees, or other factors which might affect the term of a patent.

Abstract Claims Description Full Text

Patent References

Repeaters for secure local area networks
Patent #: 5161192
Issued on: 11/03/1992
Inventor: Carter, et al.

Security system for a network concentrator
Patent #: 5311593
Issued on: 05/10/1994
Inventor: Carmi

Address tracking over repeater based networks
Patent #: 5414694
Issued on: 05/09/1995
Inventor: Crayford, et al.

Repeater interface controller with a shared data bus
Patent #: 5430726
Issued on: 07/04/1995
Inventor: Moorwood, et al.

Controlling power sequencing of a control unit in an input/output system
Patent #: 5450073
Issued on: 09/12/1995
Inventor: Brown, et al.

Distributed processing ethernet switch with adaptive cut-through switching
Patent #: 5521913
Issued on: 05/28/1996
Inventor: Gridley

Receiving port security in a network concentrator
Patent #: 5537099
Issued on: 07/16/1996
Inventor: Liang

Programmable disrupt of multicast packets for secure networks
Patent #: 5539737
Issued on: 07/23/1996
Inventor: Lo, et al.

Apparatus for translating frames of data transferred between heterogeneous local area networks
Patent #: 5560038
Issued on: 09/24/1996
Inventor: Haddock

Subscriber information processing method in a connectionless data service
Patent #: 5561662
Issued on: 10/01/1996
Inventor: Kakuma, et al.

More ...

Inventors

Application

No. 658191 filed on 06/04/1996

Examiners

Primary: Beausoliel, Robert W. Jr.
Assistant: Palys, Joseph E.

International Class

G06F 011/00

Abstract

Network access to a port is secured by monitoring the source address of packets that are sent as a device tries to train to the port over the network. If the source address matches an authorized source address assigned to the port to which the device is attached, then the device is allowed access to the system. If the device tries to train with a source address different from the authorized address, then the device is not allowed to train into the network, and all packets sent by the device are denoted as errored packets to prevent them from being accepted by any other device in the network. The system also detects when a device tries to disguise itself by first training with an authorized source address and then sends a packet with an unauthorized source address. If a packet is received which contains a source address other than the one that the device is authorized to use, the packet is marked as invalid so that it is not accepted by any other device in the network. The unauthorized device is then required to re-establish its connection to the network by retraining to guarantee that it is the authorized device.